PRIVACY POLICY

Last updated: March 2026

This Privacy Policy describes how DiveSmartAI collects, processes, stores, and protects personal information obtained through its website and related digital services. It explains the categories of personal data that may be collected, the purposes for which such data is processed, the technologies used in connection with the website, and the rights available to individuals regarding their personal information.

By accessing or using this website, users acknowledge that they have read, understood, and accepted the terms described in this Privacy Policy.

1. Data Controller

For the purposes of applicable data protection regulations and international privacy principles, the entity responsible for the processing of personal data described in this Privacy Policy is:

DiveSmartAI
Sukhumvit 50, Khwaeng Phra Khanong
Khet Khlong Toei
Bangkok 10260
Thailand

Email: [email protected]
Phone: +66 0955745850

DiveSmartAI operates as a provider of automated digital infrastructure, reputation management systems, and customer relationship automation solutions designed for physical businesses operating in sectors including hospitality, tourism, diving operations, wellness, and related service industries.

2. Scope of This Privacy Policy

This Privacy Policy applies to personal data collected through the DiveSmartAI website and any related online interfaces that directly reference this policy.

The policy governs the collection and use of information when users interact with the website, including when scheduling consultations or when website analytics technologies automatically collect technical data related to website usage.

This Privacy Policy does not apply to third party websites, platforms, or services that may be linked from this website but are governed by their own independent privacy policies.

3. Categories of Personal Data Collected

DiveSmartAI collects personal information only when such information is voluntarily provided by users through the website, primarily when scheduling consultation calls.

The categories of personal data that may be collected include:

• full name
• email address
• phone number
• company or business name
• business website or domain

DiveSmartAI does not intentionally request or collect sensitive categories of personal data through this website.

Users are advised not to submit sensitive personal information unless specifically requested as part of a legitimate service process.

4. Legal Basis for Data Processing

Where relevant under international data protection frameworks, including principles derived from the General Data Protection Regulation (GDPR), DiveSmartAI processes personal data under one or more of the following legal bases:

• consent provided by the user when submitting information through the website
• legitimate business interest in communicating with potential clients
• necessity for the evaluation of potential commercial relationships

Processing activities are limited to purposes that are reasonable, proportionate, and aligned with the expectations of users interacting with the website.

5. Purpose of Processing Personal Data

Personal information collected through the website may be processed for the following purposes:

• scheduling and managing consultation calls requested by users
• communicating with potential clients regarding business opportunities
• evaluating whether DiveSmartAI services are appropriate for the requesting business
• maintaining records of business communications
• providing follow up information regarding relevant services

DiveSmartAI does not sell, rent, or trade personal information to third parties.

6. CRM Systems and Internal Data Infrastructure

Personal data submitted through the website is processed within the DiveSmartAI internal CRM infrastructure located at:

app.divesmartai.com

This platform allows DiveSmartAI to manage consultations, maintain communication records, and organize internal business processes in a structured and secure environment.

Access to the CRM system is limited to authorized personnel and is subject to strict internal access control policies.

7. Processing of Client Customer Data

DiveSmartAI provides automation and digital infrastructure systems to businesses that interact with their own customers.

Examples of such businesses may include wineries, hospitality operators, dive centers, tourism providers, and service based businesses.

In these circumstances:

• the business client remains the data controller of its customer information
• DiveSmartAI operates strictly as a technical service provider
• each client operates its own independent CRM environment

DiveSmartAI processes such information only as necessary to provide the agreed technological infrastructure and does not use client customer data for independent commercial purposes.

8. Website Analytics and Advertising Technologies

The DiveSmartAI website may utilize analytical and advertising technologies designed to understand website performance and improve marketing effectiveness.

These technologies may include:

• Google Analytics
• Meta Pixel

Such technologies may automatically collect certain information including:

• IP address
• browser and device type
• pages visited
• time spent on pages
• referral sources
• approximate geographic location derived from IP address

This information is primarily used in aggregated form to evaluate website performance and improve marketing strategies.

9. Cookies and Tracking Technologies

The website may use cookies and related technologies for operational, analytical, and advertising purposes.

Cookies may be used for:

• ensuring proper website functionality
• measuring website traffic and visitor interactions
• improving advertising performance
• enabling remarketing and campaign optimization

Users are notified of cookie usage through a cookie consent banner and may manage their preferences through browser settings.

10. Email Communication

Individuals who submit their information through the website may receive email communications related to their inquiry or consultation request.

These communications may include:

• call confirmations
• follow up information after consultations
• relevant information related to DiveSmartAI services

All email communication is managed through the internal CRM infrastructure described above.

Users may request removal from future communication at any time by contacting [email protected].

11. International Data Transfers

DiveSmartAI utilizes enterprise cloud infrastructure providers including:

• Amazon Web Services (AWS)
• Google Cloud Platform (GCP)

These providers may process or store data in data centers located in multiple jurisdictions, including locations outside the European Economic Area.

Users acknowledge that personal information may be transferred internationally as necessary for the operation of the services described in this policy.

12. Data Security and Enterprise Grade Infrastructure

DiveSmartAI implements a variety of technical and organizational safeguards designed to protect personal data from unauthorized access, misuse, alteration, or disclosure.

These safeguards include:

• encrypted HTTPS connections for all web communications
• enterprise grade cloud infrastructure operated by leading global providers
• secure data processing environments using Amazon Web Services (AWS) and Google Cloud Platform (GCP)
• restricted access to internal systems based on role based authorization
• two factor authentication for administrative access
• internal operational procedures designed to minimize data exposure risk

DiveSmartAI relies on enterprise grade infrastructure designed to meet high standards of reliability, security, and operational resilience.

While these measures significantly reduce risk, users should understand that no digital transmission or storage system can guarantee absolute security.

13. Data Retention

Personal data collected through the website will be retained only for the period reasonably necessary to fulfill the purposes described in this Privacy Policy.

Retention may also occur where necessary to:

• maintain business communication records
• comply with legal or regulatory obligations
• resolve potential disputes

When personal data is no longer required, reasonable measures will be taken to securely delete or anonymize the information.

14. Individual Rights

Individuals may exercise certain rights with respect to their personal data under applicable data protection frameworks.

These rights may include:

• the right to request access to personal data
• the right to request correction of inaccurate information
• the right to request deletion of personal data
• the right to request restriction of processing
• the right to request data portability where applicable

Requests may be submitted by contacting:

[email protected]

DiveSmartAI will make reasonable efforts to respond to such requests in accordance with applicable privacy regulations.

15. Age Restrictions

The DiveSmartAI website and services are intended for use by business professionals and individuals over the age of 18.

DiveSmartAI does not knowingly collect personal information from minors.

16. Changes to This Privacy Policy

DiveSmartAI reserves the right to modify or update this Privacy Policy when necessary to reflect operational changes, technological developments, or legal requirements.

Any updates will be published on this page together with the revised effective date.

17. Contact Information

For questions regarding this Privacy Policy or the handling of personal data, users may contact:

DiveSmartAI
Email: [email protected]
Phone: +66 0955745850

Convertimos clientes en ingresos a largo plazo

Terms and Conditions

Contacto

[email protected]

+66 955745850

Bangkok

PRIVACY POLICY

Last updated: March 2026

By accessing or using this website, users acknowledge that they have read, understood, and accepted the terms described in this Privacy Policy.

1. Data Controller

For the purposes of applicable data protection regulations and international privacy principles, the entity responsible for the processing of personal data described in this Privacy Policy is:

DiveSmartAISukhumvit 50, Khwaeng Phra KhanongKhet Khlong ToeiBangkok 10260Thailand

Email: [email protected]Phone: +66 0955745850

DiveSmartAI operates as a provider of automated digital infrastructure, reputation management systems, and customer relationship automation solutions designed for physical businesses operating in sectors including hospitality, tourism, diving operations, wellness, and related service industries.

2. Scope of This Privacy Policy

This Privacy Policy applies to personal data collected through the DiveSmartAI website and any related online interfaces that directly reference this policy.

The policy governs the collection and use of information when users interact with the website, including when scheduling consultations or when website analytics technologies automatically collect technical data related to website usage.

This Privacy Policy does not apply to third party websites, platforms, or services that may be linked from this website but are governed by their own independent privacy policies.

3. Categories of Personal Data Collected

DiveSmartAI collects personal information only when such information is voluntarily provided by users through the website, primarily when scheduling consultation calls.

The categories of personal data that may be collected include:

• full name• email address• phone number• company or business name• business website or domain

DiveSmartAI does not intentionally request or collect sensitive categories of personal data through this website.

Users are advised not to submit sensitive personal information unless specifically requested as part of a legitimate service process.

4. Legal Basis for Data Processing

Where relevant under international data protection frameworks, including principles derived from the General Data Protection Regulation (GDPR), DiveSmartAI processes personal data under one or more of the following legal bases:

• consent provided by the user when submitting information through the website• legitimate business interest in communicating with potential clients• necessity for the evaluation of potential commercial relationships

Processing activities are limited to purposes that are reasonable, proportionate, and aligned with the expectations of users interacting with the website.

5. Purpose of Processing Personal Data

Personal information collected through the website may be processed for the following purposes:

DiveSmartAI does not sell, rent, or trade personal information to third parties.

6. CRM Systems and Internal Data Infrastructure

Personal data submitted through the website is processed within the DiveSmartAI internal CRM infrastructure located at:

app.divesmartai.com

This platform allows DiveSmartAI to manage consultations, maintain communication records, and organize internal business processes in a structured and secure environment.

Access to the CRM system is limited to authorized personnel and is subject to strict internal access control policies.

7. Processing of Client Customer Data

DiveSmartAI provides automation and digital infrastructure systems to businesses that interact with their own customers.

Examples of such businesses may include wineries, hospitality operators, dive centers, tourism providers, and service based businesses.

In these circumstances:

• the business client remains the data controller of its customer information• DiveSmartAI operates strictly as a technical service provider• each client operates its own independent CRM environment

DiveSmartAI processes such information only as necessary to provide the agreed technological infrastructure and does not use client customer data for independent commercial purposes.

8. Website Analytics and Advertising Technologies

The DiveSmartAI website may utilize analytical and advertising technologies designed to understand website performance and improve marketing effectiveness.

These technologies may include:

• Google Analytics• Meta Pixel

Such technologies may automatically collect certain information including:

• IP address• browser and device type• pages visited• time spent on pages• referral sources• approximate geographic location derived from IP address

This information is primarily used in aggregated form to evaluate website performance and improve marketing strategies.

9. Cookies and Tracking Technologies

The website may use cookies and related technologies for operational, analytical, and advertising purposes.

Cookies may be used for:

• ensuring proper website functionality• measuring website traffic and visitor interactions• improving advertising performance• enabling remarketing and campaign optimization

Users are notified of cookie usage through a cookie consent banner and may manage their preferences through browser settings.

10. Email Communication

Individuals who submit their information through the website may receive email communications related to their inquiry or consultation request.

These communications may include:

• call confirmations• follow up information after consultations• relevant information related to DiveSmartAI services

All email communication is managed through the internal CRM infrastructure described above.

Users may request removal from future communication at any time by contacting [email protected].

11. International Data Transfers

DiveSmartAI utilizes enterprise cloud infrastructure providers including:

• Amazon Web Services (AWS)• Google Cloud Platform (GCP)

These providers may process or store data in data centers located in multiple jurisdictions, including locations outside the European Economic Area.

Users acknowledge that personal information may be transferred internationally as necessary for the operation of the services described in this policy.

12. Data Security and Enterprise Grade Infrastructure

DiveSmartAI implements a variety of technical and organizational safeguards designed to protect personal data from unauthorized access, misuse, alteration, or disclosure.

These safeguards include:

DiveSmartAI relies on enterprise grade infrastructure designed to meet high standards of reliability, security, and operational resilience.

While these measures significantly reduce risk, users should understand that no digital transmission or storage system can guarantee absolute security.

13. Data Retention

Personal data collected through the website will be retained only for the period reasonably necessary to fulfill the purposes described in this Privacy Policy.

Retention may also occur where necessary to:

• maintain business communication records• comply with legal or regulatory obligations• resolve potential disputes

When personal data is no longer required, reasonable measures will be taken to securely delete or anonymize the information.

14. Individual Rights

Individuals may exercise certain rights with respect to their personal data under applicable data protection frameworks.

These rights may include:

• the right to request access to personal data• the right to request correction of inaccurate information• the right to request deletion of personal data• the right to request restriction of processing• the right to request data portability where applicable

Requests may be submitted by contacting:

[email protected]

DiveSmartAI will make reasonable efforts to respond to such requests in accordance with applicable privacy regulations.

15. Age Restrictions

The DiveSmartAI website and services are intended for use by business professionals and individuals over the age of 18.

DiveSmartAI does not knowingly collect personal information from minors.

16. Changes to This Privacy Policy

DiveSmartAI
Sukhumvit 50, Khwaeng Phra Khanong
Khet Khlong Toei
Bangkok 10260
Thailand

Email: [email protected]
Phone: +66 0955745850

• full name
• email address
• phone number
• company or business name
• business website or domain

• consent provided by the user when submitting information through the website
• legitimate business interest in communicating with potential clients
• necessity for the evaluation of potential commercial relationships

• the business client remains the data controller of its customer information
• DiveSmartAI operates strictly as a technical service provider
• each client operates its own independent CRM environment

• Google Analytics
• Meta Pixel

• IP address
• browser and device type
• pages visited
• time spent on pages
• referral sources
• approximate geographic location derived from IP address

• ensuring proper website functionality
• measuring website traffic and visitor interactions
• improving advertising performance
• enabling remarketing and campaign optimization

• call confirmations
• follow up information after consultations
• relevant information related to DiveSmartAI services

• Amazon Web Services (AWS)
• Google Cloud Platform (GCP)

• maintain business communication records
• comply with legal or regulatory obligations
• resolve potential disputes

• the right to request access to personal data
• the right to request correction of inaccurate information
• the right to request deletion of personal data
• the right to request restriction of processing
• the right to request data portability where applicable

DiveSmartAI
Email: [email protected]
Phone: +66 0955745850